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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )^| Responsive to communication(s) filed on 22 January 2010 . 
2a )£3 This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^3 Claim(s) 1 and 18-37 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |EI Claim(s) 1, 18-37 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) L~H The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)^ accepted or b)^ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

Response to Arguments 

Applicant's arguments filed 1/22/2010 have been fully considered but they are not 
persuasive. 

Applicant argues that Schneider does not teach an IP address associated with the user. 
Applicant argues that a session provides the IP address. 

Examiner argues that Schneider does teach an account with an IP address associated with 
a user. Schneider teaches users are defined in "information sets" in a database. While the 
examiner admits that Schneider teaches a "range" of IP addresses for each user, the Examiner 
believes that this still associates an IP address for a user. The examiner does not believe the 
argument about sessions is relevant. The session IP address, which is also the IP address of the 
user, has previously been stored in a database that identifies the user, and then that user has been 
assigned to a group. Thus the IP address is already stored (or range for that user) in a database 
301 . That database contains user information datasets 313, which the examiner associates with 
the word "account". 

In the alternate, Examiner argues that Schneider also teaches that the database contains a 
certificate authorization method associated with the user as shown in Column 1 1 lines 1-55 
(matching). 
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Applicant has not overcome the USC 101 rejection because the term "computer" is to 
broad. To overcome the USC 101 the applicant must specify non-transitory hardware. If the 
applicant specifies a processor, the applicant must state that it is a hardware processor or "micro- 
processor" 



Claim Rejections - 35 USC § 101 
35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

the claimed invention is directed to non-statutory subject matter. A process qualifies to be 
considered for patenting only if it (1) is implemented with a particular machine, that is, one 
specifically devised and adapted to carry out the process in a way that is not concededly 
conventional and is not trivial; or else (2) transforms an article from one thing or state to another. 
Claims 1, 27, and 37 are rejected because they do not contain any form of computer hardware. 
Inclusion of a Processor or other computer hardware consistent with the specification will 
overcome this rejection. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1, 19, 20, 24, 25-27, 29, 30, 34, 35, 36 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Davis US 6,367,009 in view of Schneider US 
6,178,505 in view of Kuhn US 6,023,765. 

As per claims 1, and 27, Davis discloses an MTS or middle tier server, verifying a users ID 
through a digital certificate submitted by the client, (authentication component), (Col 1 1 
lines 39-43). Davis also discloses the ETS or end tier server verifying the users ID through 
use of a digital certificate, (Col 13 lines 27-31). Davis teaches that the ETS uses access 
control comprising a list of authorized users, (directory), (Col 13 lines 35-39). Davis 
discloses that if the user is not on the access control list, the system will restrict access, 
(access control system), (Col 13 lines 40-42). 

Schneider teaches a system in which a users are permitted access to at least one portion of 
a computer site. Schneider teaches a database (directory) of user accounts wherein the 
user is assigned a group and is allowed access to data said group is permitted to access. 
(Col 12 lines 10-33, 54-59). Schneider teaches a user account with an associated IP 
address or certificate authorization method (Col 23 lines 18-20, Col 1 1 lines 1-55). 
It would be obvious to one skilled in the art to modify the system of Davis with the user 
account access control of Schneider because ACL's do not provide the level of security 
and flexibility that user accounts do. 



Application/Control Number: 09/426,442 Page 5 

Art Unit: 2439 

Kuhn teaches using an access policy to provide tiered access for a plurality of security 
levels over different sets of users (Col 6 lines 35-60). 

It would have been obvious to one of ordinary skill in the art to use Kuhn with the 
previous combination because it allows the convenience and organization of the role 
based system of Schneider with the proven security improvements of security levels (Col 
5 lines 10-15). 

As per claim 19, 29, Schneider teaches that users are categorized into discrete sets 
granted access to a particular portion of the computer according to the access policy. 

As per claim 20, 30, Schnieder teaches the system is configured to use information 
relating to the user to present tot the user personalized information. 

As per claims 24 and 34, Schneider teaches the account containing an IP address (Col 23 
lines 15-25). 

As per claims 25, and 35 Schneider teaches the system is configured to provide 
functionality to support the desired functionality of the users (Col 12 lines 20-40). 

As per claims 26, 36 Davis teaches that the certificate authorization is automated (no 
human is involved in the process) (Col 13 lines 15-25). 
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Claims 21, 22, 31, 32, and 37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Davis US 6,367009 in view of Schneider US 6,178,505 in view 
of Kuhn US 6,023,765 in view of GUPTA US 2001/0020242. 

As per claims 21,22, 31, and 32, the previous combination teaches user groups but 
not specifically user preferences. 

Gupta teaches user preferences, and displaying new products or information related to 
the users field of interest based on those preferences [0062], [0064], [0075] 

It would have been obvious to one of ordinary skill in the art to use the 
preferences of Gupta with the previous system because it is more efficient to send the 
user tailored information, then send general information. 

As per claim 37, 

Davis discloses an MTS or middle tier server, verifying a users ID through a digital 
certificate submitted by the client, (authentication component), (Col 1 1 lines 39-43). Davis 
also discloses the ETS or end tier server verifying the users ID through use of a digital 
certificate, (Col 13 lines 27-31). Davis teaches that the ETS uses access control comprising a 
list of authorized users, (directory), (Col 13 lines 35-39). Davis discloses that if the user is 
not on the access control list, the system will restrict access, (access control system), (Col 13 
lines 40-42). 

Schneider teaches a system in which a users are permitted access to at least one portion of 
a computer site. Schneider teaches a database (directory) of user accounts wherein the 
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user is assigned a group and is allowed access to data said group is permitted to access. 
(Col 12 lines 10-33, 54-59). Schneider teaches a user account with an associated IP 
address or certificate authorization method (Col 23 lines 18-20, Col 1 1 lines 1-55) 
It would be obvious to one skilled in the art to modify the system of Davis with the user 
account access control of Schneider because ACL's do not provide the level of security 
and flexibility that user accounts do. 

Kuhn teaches using an access polict to provide tiered access for a plurality of security 
levels over different sets of users (Col 6 lines 35-60). 

It would have been obvious to one of ordinary skill in the art to use Kuhn with the 
previous combination because it allows the convenience and organization of the role 
based system of Schneider with the proven security improvements of security levels (Col 
5 lines 10-15). 

Gupta teaches user preferences, and displaying new products or information related to 
the users field of interest based on those preferences [0062], [0064], [0075] 

It would have been obvious to one of ordinary skill in the art to use the 
preferences of Gupta with the previous system because it is more efficient to send the 
user tailored information, then send general information. 



Claims 18, 23, 28, 33 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Davis US 6,367,009 in view of Schneider US 6,178,505 in view of Kuhn US 6,023,765 
in view of Ginzboorg US 6,240,091. 
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As per claims 18, 28 Davis does not teach a log system to record user actions in a computer 
site. 

Ginzboorg discloses by means of charging records, a log system to record user interaction 
with a computer site including a digital signature and timestamp for a transaction, (Col 8 
lines 22-26, Col 11 lines 17-21, Col 12 lines 24-28). 

It would have been obvious to one skilled in the art to modify the access policy of Davis 
with the recording system of Ginzboorg to provide the necessary data for billing purposes 

As per claims 23, and 33, Ginzboorg teaches an archive including purchases made 
(Ginzboorg Col 9 lines 50-55). 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 
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however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHRISTOPHER J. BROWN whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on (571)272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Christopher J Brown/ 4/9/10 
Primary Examiner, Art Unit 2439 



